Post Syndicated from jzb original https://lwn.net/Articles/1014734/
Version 7.1
of PeerTube, a tool for
sharing videos online, has been released. Notable features in this
release include improved support for the Podcast 2.0 standard, better
playback stability, and a new view protocol enabled by default to
allow PeerTube to handle more simultaneous viewers. See the release
notes for more details.
Post Syndicated from jzb original https://lwn.net/Articles/1006557/
/e/OS is a
privacy-centric, open-source mobile operating system that
has primarily been targeted at mobile phones, with only a few
community supported images available for tablet devices. In December,
Murena—a company that sells devices with /e/OS
preinstalled—announced
that /e/OS now officially supports tablets as well, starting with the
Pixel tablet. The user experience is close enough to
mainstream alternatives to make it attractive, but there are some
under-the-hood problems that may give users pause.
Post Syndicated from jzb original https://lwn.net/Articles/1014722/
Security updates have been issued by Debian (tzdata), Fedora (expat and tigervnc), Red Hat (kernel, kernel-rt, thunderbird, and webkit2gtk3), SUSE (dcmtk), and Ubuntu (restrictedpython and uriparser).
Post Syndicated from jzb original https://lwn.net/Articles/1014002/
If all goes according to plan, the Ubuntu project will soon be
replacing many of the traditional GNU utilities with implementations
written in Rust, such as those created by the uutils project, which we covered in
February. Wholesale replacement of core utilities at the heart of a
Linux distribution is no small matter, which is why Canonical’s VP of
engineering, Jon Seager, has released oxidizr. It
is a command-line utility that helps users easily enable or disable
the Rust-based utilities to test their suitability. Seager is calling
for help with testing and for users to provide feedback with their
experiences ahead of a possible switch for Ubuntu 25.10, an interim release
scheduled for October 2025. So far, responses from the Ubuntu
community seem positive if slightly skeptical of such a major
change.
Post Syndicated from jzb original https://lwn.net/Articles/1014465/
The long-awaited GIMP
3.0 release is now available. Major changes in 3.0 include non‑destructive
editing for most commonly‑used filters, improved text creation,
better color space management, and an update to GTK 3.
This is the end result of seven years of hard work by volunteer
developers, designers, artists, and community members (for reference,
GIMP 2.10 was first published in 2018 and the initial development
version of GIMP 3.0 was released
in 2020).
See the release
notes and NEWS
file for more details about this release. LWN covered a near-final
release of GIMP 3.0 in November last year.
Post Syndicated from jzb original https://lwn.net/Articles/1014444/
Version
12.00 of the SystemRescue live Linux
system has been released. SystemRescue is an Arch Linux based
bootable toolkit for repairing systems in the event of a
crash. Notable changes in this release include an update to Linux
6.12.19, support for bcachefs, and a number of updated disk
utilities. See the package
list for a complete list of software included in this release.
Post Syndicated from jzb original https://lwn.net/Articles/1014226/
Version
2.49.0 of the Git source-code management system has been
released. This release comprises 460 non-merge commits since 2.48.0,
with contributions from 89 people, including 24 new
contributors. There is a long list of improvements and bug fixes; see
the highlights
blog from GitHub’s Taylor Blau for some of the more interesting
features.
Post Syndicated from jzb original https://lwn.net/Articles/1013614/
Organizations relying on open-source software have a wide range of
tools, scorecards, and methodologies to try to assess security, legal,
and other risks inherent in
their so-called supply chain. However, Max Mehl argued
recently in a short talk at FOSS Backstage in Berlin (and
online) that all of
this objective information and data is insufficient to truly
understand and address risk. Worse, this information doesn’t provide
options to improve the situation and encourages a passive mindset. Mehl, who works as part of
the CTO group at DB Systel, encouraged better risk assessment using
qualitative data and direct participation in open source.
Post Syndicated from jzb original https://lwn.net/Articles/1014065/
Charles Choi has announced
the release of the Casual
Make: a menu-driven interface, implemented as part of the Casual
suite of tools, for Makefile
Mode in GNU Emacs.
Emacs supports makefile editing with make-mode which has a mix of
useful and half-baked (though thankfully obsoleted in 30.1)
commands. It is from this substrate that I’m happy to announce the
next Casual user interface: Casual Make.Of particular note to Casual Make is its attention to authoring and
identifying automatic variables whose arcane syntax is
un-memorizable. Want to know what $> means? Just select it in the
makefile and use the . binding in the Casual Make menu to identify
what it does in the mini-buffer.
Casual Make is part of Casual
2.4.0, released on March 12 and is available from MELPA. The 2.4.0 update to
Casual also includes documentation in the Info format for the first time.
Post Syndicated from jzb original https://lwn.net/Articles/1013876/
Damien Neil has written an article for the Go Blog about path
traversal vulnerabilities and the os.Root API added in Go 1.24 to help prevent
them.
Root permits relative path components and symlinks that do not escape
the root. For example, root.Open("a/../b") is permitted. Filenames are
resolved using the semantics of the local platform: On Unix systems,
this will follow any symlink in “a” (so long as that link does not
escape the root); while on Windows systems this will open “b” (even if
“a” does not exist).
Post Syndicated from jzb original https://lwn.net/Articles/1013842/
The SUSE Security Team blog has a post with a
detailed analysis of a vulnerability (CVE-2025-27591)
in the below
tool for recording and displaying system data.
In January 2025, Below was packaged and submitted to openSUSE
Tumbleweed. Below runs as a systemd service with root privileges. The
SUSE security team monitors additions and changes to systemd service
unit files in openSUSE Tumbleweed, and through this we noticed
problematic log directory permissions applied in Below’s code.
Post Syndicated from jzb original https://lwn.net/Articles/1013840/
Version
1.26.0 of the GStreamer cross-platform multimedia framework has
been released. Notable changes in this release include support for the
H.266
Versatile Video Coding (VVC) codec, Low Complexity Enhancement
Video Coding (LCEVC) support, closed caption improvements, and JPEG XS image codec
support.
Post Syndicated from jzb original https://lwn.net/Articles/1013838/
Security updates have been issued by Debian (libmodbus), Fedora (thunderbird and vyper), Mageia (firefox, nss, python-django, python-jinja2, and thunderbird, thunderbird-l10n), Oracle (bind, kernel, rsync, and tigervnc), Red Hat (.NET 8.0, .NET 9.0, and libxml2), SUSE (iniparser and kernel), and Ubuntu (dotnet8, dotnet9, freerdp2, jinja2, libreoffice, linux, linux-hwe, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-kvm, linux-oracle, linux-kvm, and opensc).
Post Syndicated from jzb original https://lwn.net/Articles/1009932/
Matrix
provides an open network for secure, decentralized communication. It
has enjoyed some success over the last few years as an IRC replacement
and real-time chat for a number of open-source projects. But adoption
by a subset of open-source developers is a far cry from the mainstream
adoption that Matthew Hodgson, Matrix project lead and CEO of Element (the company that created
Matrix), would like to see. At FOSDEM 2025, he discussed the
history of Matrix, its missteps in chasing mainstream adoption, its
current status, as well as some of the wishlist features for taking
Matrix into the mainstream.
Post Syndicated from jzb original https://lwn.net/Articles/1013723/
Version 6.14.0 of Framework
Mono has been announced.
This is the first release of Framework Mono from its new home at
WineHQ. It includes work from the past 5 years that was never included
in a stable release because no stable branch had been created in that
time. Highlights are native support for ARM64 on macOS and many
improvements to windows forms for X11.
See the release
notes for a full list of new features and plans for future
releases.
Post Syndicated from jzb original https://lwn.net/Articles/1013386/
Matthieu Clemenceau has published
a status update on Ubuntu 25.04 (Plucky Puffin) development to the Ubuntu
Discourse forum. This includes updates on Ubuntu’s adoption
of Dracut as an alternative to initramfs-tools, a move to
a single ISO for arm64 devices rather than device-specific images, and
reverting the planned O3 optimization flags for Plucky Puffin.
Earlier in this cycle, we announced
plans to enable the O3 optimization level for all Ubuntu packages
by default. As part of this effort, we conducted extensive
benchmarking, which revealed that while some workloads saw
improvements, overall system performance slightly declined, and binary
sizes increased. Given these results, we are likely to revert this
change soon.
The beta for Ubuntu 25.04 is planned
for March 27, with the final release scheduled on April 17.
Post Syndicated from jzb original https://lwn.net/Articles/1013114/
Version
2.0.0 of FerretDB has been
released. FerretDB
is an open-source alternative to MongoDB, which switched to a non-open
license in 2018, built on top of PostgreSQL. This release
utilizes the DocumentDB
PostgreSQL extension for better performance, adds vector
search, and replication.
Post Syndicated from jzb original https://lwn.net/Articles/1013104/
The Xen Project has announced
the release of Xen 4.20. This release adds support for
AMD Zen 5 CPUs, improved compliance with the MISRA C standard,
work on PCI-passthrough on Arm, and more. Xen 4.20 also removes
support for Xeon
Phi CPUs, which were discontinued
in 2018. See the feature
list and release
notes for more information.
Post Syndicated from jzb original https://lwn.net/Articles/1013098/
Version
136.0 of the Thunderbird Desktop mail client has been
released. The release includes a quick toggle for adapting messages to
dark mode, and a new “Appearance” setting to control message threading
and sorting order globally, as well as a number of bug fixes. See the
security
advisory for a full list of security vulnerabilities addressed in
Thunderbird 136.0.
Post Syndicated from jzb original https://lwn.net/Articles/1013096/
Version
12.3 of Linux From
Scratch (LFS) has been released, along with Beyond Linux
From Scratch (BLFS) 12.3. LFS provides step-by-step instructions
on building a customized Linux system entirely from source, and BLFS
helps to extend an LFS installation into a more usable system. Notable
changes in this release include toolchain updates to GNU Binutils
2.44, GNU C Library (glibc) 2.41, and Linux 6.13.2. The Changelog
has a full list of changes since the previous stable release.